Who Should Be On The 'Independent' NSA Surveillance Review Board?

from the thinking-through-the-list dept

We've been pointing out that President Obama's "Surveillance Review Board" -- which is being put together to provide an "outside" review of the NSA's surveillance efforts -- doesn't inspire much confidence. All are barely "outsiders", having worked closely with President Obama in the past. There are no technologists on the panel at all. Beyond Peter Swire, it's not clear that any have that much experience or focus in civil liberties/4th Amendment issues. Oh, and it all "reports" to James Clapper, the Director of National Intelligence who runs these programs, and a confessed liar to Congress about them. It's the kind of board that you put together when you want to pretend there's been an outside review.

Given all of that, Gordon Mohr suggested via Twitter that we put together our own "shadow" board, comprised of members who we'd love to see on the board instead of who they currently have. Who would we want reviewing these things if there were to be a real "outside" and "independent" review of the NSA's surveillance efforts? This is not an easy list to put together, because there are so many folks who would be good. But I'll suggest a few here and would like to hear from others in the comments. We'll start with the first five (to match the same number on the official board), followed by some potential alternates.

Ed Felten. This one is a no-brainer. The Princeton computer science and tech policy professor, and the director (and, I believe, founder) of Princeton's Center for Information Technology Policy (CITP). He has his feet firmly planted in both worlds, and a long history of doing security and privacy research (as well as a long history of not backing away from controversy to stand behind the results of his research). While he recently did a brief stint as the FTC's first CTO, he's still very much an outsider. Honestly, there's no reason he shouldn't be leading this review team.

Bruce Schneier. Well-known and outspoken security guru. I've heard some folks in the security world grumble over the fact that he gets so much facetime when it comes to security issues compared to many other qualified security researchers, but he has a way of cutting through the crap and getting to the point in an easy and understandable way that few others possess. Furthermore, his special power is not being fooled by "security theater," but focusing in on not just what the actual risks are, but the actual probabilities associated with those risks. The least likely person to be subdued by "but everyone will die!" rhetoric that comes from defenders of these programs.

Chris Soghoian. Another well-known security and privacy researcher, currently working for the ACLU (though also did a stint at the FTC). He's been focused on corporate "back doors" to government surveillance for ages.

Dave Farber. Another engineering/CS professor with a very long and distinguished resume -- but who also has been deeply involved in a variety of public policy issues over the years, and tends to take a very careful, thoughtful approach to analyzing things. Over a decade ago, he was the CTO for the FCC for a brief period.

Orin Kerr. Straddles the worlds of technology, law and law enforcement quite effectively. While the former prosecutor sometimes is a bit too quick to justify law enforcement actions, he does seem to approach these types of questions with a very careful and critical eye.

At least that would be my initial top five list -- all of whom have technology experience, some legal experience, and while every one has had some connections to government, they are generally considered "outsiders", while still clearly having the credibility to be taken seriously by the federal government. There are, of course, plenty of others who I think would be good as well -- including folks like Julian Sanchez, Marcy Wheeler, Jim Harper, Jennifer Granick and others who have spent a lot of time digging deep into NSA claims and related privacy issues -- but they have less of the technology background necessary. There are plenty of other good names out there, so feel free to suggest some in the comments.

Re: Other names on the short list

All good names. I initially had Appelbaum on my list, but later changed my mind as I tried to avoid people who the government would automatically discount. It's stupid, of course, but the government would argue that he doesn't belong on that list.

Re: Re: Other names on the short list

He was my first thought as well. But I have to agree with you. I don't know all of the names mentioned but it seems wise to suggest the ones that are in good terms with the Government even if they criticize it reasonably. I sort of disagree that they must have technical and law knowledge though. If you form a multi-disciplinary group what one part lacks can be fulfilled by other part. So if you have 2 or 3 with deep knowledge of their area it should suffice. Sure, people that have a balanced knowledge may help providing an interface point of view.

You're missing something though, it's already been shown that the FISA courts have been critical and have acknowledged many wrongdoings by the NSA, those rulings have been kept from the public. There is no way that the government is going to allow more people who (rightfully) would also point out their other transgressions. They want people who will side with their views.

you should have put together a list of people that you said you didn't want (but secretly did really). they would be drafted in straight away and perhaps do some good instead of being nothing other than part of Obama's army of stooges!

I second the #1 pick.

Ed Felten is a "policy wonk" by his own words. He is exactly the guy that needs to be there.

He's also (or was a few years ago) the administrators of the wireless network in Princeton's main comp sci building. I met him in 2007 when there talking to an expert witness about the Glider case. I had to get on the wifi because my crappy first-gen iPhone couldn't get any of T-Mobile's crappy EDGE in the building.

He said, "Did you do the GeoHot hack on that where you have to jumper the pins on the memory controller while running a program?"

Needs a lawyer

I nominate Eben Moglen: founder of the Software Freedom Law Center, former council of the Free Software Foundation, programmer. He has been warning for years that you cannot trust the "cloud" and you should keep your data locally where the 4th amendment still has some force.